{"id":14012,"date":"2026-07-02T04:04:09","date_gmt":"2026-07-02T04:04:09","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2026\/07\/02\/33114\/"},"modified":"2026-07-02T04:04:09","modified_gmt":"2026-07-02T04:04:09","slug":"33114","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2026\/07\/02\/33114\/","title":{"rendered":"June 2026 Apple Updates, (Tue, Jun 30th)"},"content":{"rendered":"<p>    June 2026 Apple Updates, (Tue, Jun 30th)<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n    <!-- no image --><br \/>\n \t<BR><br \/>\n<BR><\/BR><\/p>\n<div>\n<p>Apple released updates for iOS\/iPadOS, macOS, and Safari on Monday. There have been no updates for other Apple operating systems (visionOS, watchOS, tvOS). Usually, Apple updates all products at the same time.<\/p>\n<p>Most of the vulnerabilities affect the web browser (WebKit, libxslt, WebRTC, and Web Extension). Only four of the vulnerabilities are not directly related to web content: Three Kernel issues and one vulnerability in the IOGPUFamily.<\/p>\n<p>None of the vulnerabilities is labeled as &#8220;exploited&#8221;.<\/p>\n<p>\u00a0<\/p>\n<table class=\"datatable\">\n<thead>\n<tr>\n<th>iOS 26.5.2 and iPadOS 26.5.2<\/th>\n<th>macOS Tahoe 26.5.2<\/th>\n<th>Safari 26.5.2<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td align=\"center\" colspan=\"3\">\n<b>CVE-2026-39868:<\/b> An app may be able to cause unexpected system termination or corrupt kernel memory.<br \/>\n\t\t\tAffects Kernel<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"3\">\n<b>CVE-2026-43676:<\/b> Processing maliciously crafted web content may lead to an unexpected Safari crash.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"3\">\n<b>CVE-2026-43700:<\/b> Processing maliciously crafted web content may disclose sensitive user information.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"3\">\n<b>CVE-2026-43701:<\/b> A malicious website may be able to process restricted web content outside the sandbox.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"3\">\n<b>CVE-2026-43703:<\/b> Processing maliciously crafted web content may lead to an unexpected process crash.<br \/>\n\t\t\tAffects libxslt<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"3\">\n<b>CVE-2026-43704:<\/b> A malicious web extension may be able to cause an unexpected process crash.<br \/>\n\t\t\tAffects Web Extensions<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"3\">\n<b>CVE-2026-43705:<\/b> Processing maliciously crafted web content may lead to memory corruption.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"3\">\n<b>CVE-2026-43706:<\/b> Processing maliciously crafted web content may lead to an unexpected process crash.<br \/>\n\t\t\tAffects libxslt<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"3\">\n<b>CVE-2026-43707:<\/b> Processing maliciously crafted web content may lead to an unexpected process crash.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"3\">\n<b>CVE-2026-43708:<\/b> A malicious website may exfiltrate data cross-origin.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"3\">\n<b>CVE-2026-43712:<\/b> Processing maliciously crafted web content may lead to an unexpected process crash.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"3\">\n<b>CVE-2026-43713:<\/b> Visiting a website may leak sensitive data.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"3\">\n<b>CVE-2026-43715:<\/b> Processing maliciously crafted web content may lead to memory corruption.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"3\">\n<b>CVE-2026-43716:<\/b> Processing maliciously crafted web content may lead to an unexpected Safari crash.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"3\">\n<b>CVE-2026-43718:<\/b> Processing maliciously crafted web content may lead to an unexpected Safari crash.<br \/>\n\t\t\tAffects WebRTC<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"3\">\n<b>CVE-2026-43720:<\/b> Processing maliciously crafted web content may lead to an unexpected Safari crash.<br \/>\n\t\t\tAffects WebKit Canvas<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"3\">\n<b>CVE-2026-43721:<\/b> A malicious website may be able to silently hijack clipboard data.<br \/>\n\t\t\tAffects WebKit Storage<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"3\">\n<b>CVE-2026-43722:<\/b> An app may be able to leak sensitive kernel state.<br \/>\n\t\t\tAffects Kernel<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"3\">\n<b>CVE-2026-43724:<\/b> An app may be able to cause unexpected system termination or write kernel memory.<br \/>\n\t\t\tAffects Kernel<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"3\">\n<b>CVE-2026-43725:<\/b> A malicious website may be able to process restricted web content outside the sandbox.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"3\">\n<b>CVE-2026-43727:<\/b> Processing maliciously crafted web content may lead to an unexpected Safari crash.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"3\">\n<b>CVE-2026-43732:<\/b> Processing maliciously crafted web content may disclose sensitive user information.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"3\">\n<b>CVE-2026-43735:<\/b> A malicious website may exfiltrate data cross-origin.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"3\">\n<b>CVE-2026-43740:<\/b> Processing maliciously crafted web content may result in the disclosure of process memory.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"3\">\n<b>CVE-2026-43742:<\/b> Processing maliciously crafted web content may lead to an unexpected process crash.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"3\">\n<b>CVE-2026-43743:<\/b> An app may be able to cause unexpected system termination.<br \/>\n\t\t\tAffects IOGPUFamily<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"3\">\n<b>CVE-2026-43745:<\/b> Processing maliciously crafted web content may lead to an unexpected Safari crash.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"3\">\n<b>CVE-2026-43746:<\/b> Processing maliciously crafted web content may lead to an unexpected Safari crash.<br \/>\n\t\t\tAffects WebRTC<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&#8212;<br \/>\nJohannes B. Ullrich, Ph.D. , Dean of Research, <a href=\"https:\/\/sans.edu\/\">SANS.edu<\/a><br \/>\n<a href=\"https:\/\/jbu.me\/164\">Twitter<\/a>|<\/p>\n<p> (c) SANS Internet Storm Center. https:\/\/isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.<\/p><\/div>\n<p> \t<BR><br \/>\n <BR><\/BR><\/p>\n<p> \t<BR><br \/>\n<BR><\/BR><br \/>\n<a href=\"https:\/\/isc.sans.edu\/diary\/rss\/33114\">Go to isc.sans.edu<\/a><br \/>\n \t<BR><br \/>\n <BR><\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"<p>June 2026 Apple Updates, (Tue, Jun 30th) Apple released updates for iOS\/iPadOS, macOS, and Safari on Monday. There have been no updates for other Apple operating systems (visionOS, watchOS, tvOS). Usually, Apple updates all products at the same time. Most of the vulnerabilities affect the web browser (WebKit, libxslt, WebRTC, and Web Extension). Only four [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[56],"tags":[69],"class_list":["post-14012","post","type-post","status-publish","format-standard","hentry","category-isc-sans-edu","tag-isc-sans-edu"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/14012"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=14012"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/14012\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=14012"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=14012"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=14012"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}